Connected Cell Phones Not Listed in SRM Threat Prevention => Settings => Devices Screen

Currently reading
Connected Cell Phones Not Listed in SRM Threat Prevention => Settings => Devices Screen

Geodude

Subscriber
5
2
I must be overlooking or forgetting something obvious, but why are my currently connected cell phones not listed in the Threat Prevention => Settings => Devices tab screen of SRM for my RT2600ac router?? The phones are actively connected to the wireless network and are in use, but do not appear here...???
 

fredbert

Moderator
NAS Support
Subscriber
2,158
871
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Do you have some MAC addresses listed?

Are your cell phones iPhones running iOS 14?
 

Geodude

Subscriber
5
2
All MAC addresses/devices are listed except for the cell phones. When I search for any cell phone MAC address in the search box (upper-right corner of screen), none come up. But they are listed in the screens showing active traffic information, etc.
I'm a bit stumped...?
 

fredbert

Moderator
NAS Support
Subscriber
2,158
871
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
I see all my connected devices: Mac, PC, iPhones, Android phones, Apple TV, etc.

I only wondered if the iOS 14 private MAC feature had meant your phones were no longer assigned to the same MAC as their real ones.

I assume you have selected to protect all devices in TP? And I can't see why it shouldn't be listing all your devices.
 

Geodude

Subscriber
5
2
Oops...phones are running Android 11.
All devices - that appear in the list - are selected for protection.
But...you may have steered me to the answer. Android uses MAC randomization (unless disabled). Would I have to assign DHCP reservation to the phones for them to appear on the Threat Protection Device list (if so, I would assume that would be the case, rather than a static reservation on the phones themselves, which could cause issues when the phones connect to other access points)?
 

fredbert

Moderator
NAS Support
Subscriber
2,158
871
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
iOS 14 seems to assign the same private MAC for re-connections to the same SSID/network. Or until it is told to forget it, or something: haven't investigated fully. Anyway I can tag these persistent private MAC with meaningful names in Traffic Control.

Having just found an unnamed MAC address in my TP devices I can confirm that the DHCP reservation name isn't used in TP. But finding the unnamed MAC in Traffic Control's list of devices I then renamed it (it was my managed switch). This TCtrl name was picked up by TP.

How often does Android 11 spin the private MAC? It may be too often for TP to display a comprehensive list. But you can see if the phone is protected by trying to trigger an event in TP.
 

Geodude

Subscriber
5
2
I don't recall how long the phones' MAC duration period is (I should check), but attempting to violate a firewall rule with the phone does get logged in the firewall. I'll have to see if a TP violation is logged when attempted (but unfortunately I'll have to wait until later today for that).
TC and Safe Access do indeed show the different phone MAC addresses for the same phone (which do indeed change, as expected).
I'll update when I can check it out later today. Meanwhile, thanks for your help!
 

Geodude

Subscriber
5
2
Last edited:
Fredbert (and others), I had a support ticket in on this, and they told me the issue is indeed related to the MAC randomization on the Android phones. But they also told me that they are fixing this issue in update 1.2.5 (whenever we get that). I suppose that could also used a fixed address (preferably via IP reservation), but I may wait and see what the update brings.
Anyway, thanks again for your help.

[EDIT]: Jeepers...I had missed this in my original searches: Synology Router Manager - Knowledge Base | Synology Inc.
In any case, they said using DHCP reservation (thereby obtaining a fixed IP address from the router, rather than from the device) may be taken up as part of a future update. For now, if we want phones to appear in the TP Device list, we would need to turn off MAC randomization on the device/phone itself. But that would create other issues, so I'll hold off for now...
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top